1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
|
import { HttpStatusCode, OAuth2ErrorCode, UserRefreshToken } from '../../../../../shared/models'
import { OAuthUserTokens, objectToUrlEncoded } from '../../../root-helpers'
import { peertubeLocalStorage } from '../../../root-helpers/peertube-web-storage'
export class AuthHTTP {
private readonly LOCAL_STORAGE_OAUTH_CLIENT_KEYS = {
CLIENT_ID: 'client_id',
CLIENT_SECRET: 'client_secret'
}
private userOAuthTokens: OAuthUserTokens
private headers = new Headers()
constructor () {
this.userOAuthTokens = OAuthUserTokens.getUserTokens(peertubeLocalStorage)
if (this.userOAuthTokens) this.setHeadersFromTokens()
}
fetch (url: string, { optionalAuth, method }: { optionalAuth: boolean, method?: string }) {
const refreshFetchOptions = optionalAuth
? { headers: this.headers }
: {}
return this.refreshFetch(url.toString(), { ...refreshFetchOptions, method })
}
getHeaderTokenValue () {
return `${this.userOAuthTokens.tokenType} ${this.userOAuthTokens.accessToken}`
}
isLoggedIn () {
return !!this.userOAuthTokens
}
private refreshFetch (url: string, options?: RequestInit) {
return fetch(url, options)
.then((res: Response) => {
if (res.status !== HttpStatusCode.UNAUTHORIZED_401) return res
const refreshingTokenPromise = new Promise<void>((resolve, reject) => {
const clientId: string = peertubeLocalStorage.getItem(this.LOCAL_STORAGE_OAUTH_CLIENT_KEYS.CLIENT_ID)
const clientSecret: string = peertubeLocalStorage.getItem(this.LOCAL_STORAGE_OAUTH_CLIENT_KEYS.CLIENT_SECRET)
const headers = new Headers()
headers.set('Content-Type', 'application/x-www-form-urlencoded')
const data = {
refresh_token: this.userOAuthTokens.refreshToken,
client_id: clientId,
client_secret: clientSecret,
response_type: 'code',
grant_type: 'refresh_token'
}
fetch('/api/v1/users/token', {
headers,
method: 'POST',
body: objectToUrlEncoded(data)
}).then(res => {
if (res.status === HttpStatusCode.UNAUTHORIZED_401) return undefined
return res.json()
}).then((obj: UserRefreshToken & { code?: OAuth2ErrorCode }) => {
if (!obj || obj.code === OAuth2ErrorCode.INVALID_GRANT) {
OAuthUserTokens.flushLocalStorage(peertubeLocalStorage)
this.removeTokensFromHeaders()
return resolve()
}
this.userOAuthTokens.accessToken = obj.access_token
this.userOAuthTokens.refreshToken = obj.refresh_token
OAuthUserTokens.saveToLocalStorage(peertubeLocalStorage, this.userOAuthTokens)
this.setHeadersFromTokens()
resolve()
}).catch((refreshTokenError: any) => {
reject(refreshTokenError)
})
})
return refreshingTokenPromise
.catch(() => {
OAuthUserTokens.flushLocalStorage(peertubeLocalStorage)
this.removeTokensFromHeaders()
}).then(() => fetch(url, {
...options,
headers: this.headers
}))
})
}
private setHeadersFromTokens () {
this.headers.set('Authorization', this.getHeaderTokenValue())
}
private removeTokensFromHeaders () {
this.headers.delete('Authorization')
}
}
|
